Fig. 5

[Flowchart]
Extract username and password values from fields in web page or pop-up dialog
Store username/password pair and identity of destination web site in system database
Data store: System database
Legend: Data flow; Program control flow

Fig. 7

[Policy tree]
Recording
  Browser
    DataToRecord
      URLs=Yes
      HTML=Yes
      SubmittedFields=Yes
      Passwords=Yes
    WhenToStartRecording
      WhenBrowserIsOpened=No
      IfCreditCardNumberSubmitted=Yes
      IfPasswordSubmitted=Yes
      IfKeywordsReceived=Yes
      IfKeywordsSent=Yes
    WhenToStopRecording
      WhenUserClosesBrowser=Yes
      WhenUserChangesSite=Yes
      WhenUserChangesPage=No
  Email
    DataToRecord
      SentMail
        UnsignedMessages=Yes
          MessageText=Yes
        SignedMessages=Yes
          MessageText=Yes
          Attachments=Yes
          Certificates=Yes
      ReceivedMail
        UnsignedMessages=Yes
          MessageText=Yes
          Attachments=No
        SignedMessages=Yes
          MessageText=Yes
          Attachments=Yes
          Certificates=Yes
    WhenToRecord
      SentMail
        IfMailContainsCreditCardNumber=Yes
        IfMailContainsKeywords=Yes
        IfMailIsDigitallySigned=Yes
      ReceivedMail
        All=No
        IfMailContainsKeywords=Yes
        IfMailIsDigitallySigned=Yes

Fig. 8

[Flowchart]
Scan transmission buffer for next all-digit string (CCN candidate)
YES: Calculate Luhn checksum of CCN candidate
YES: (next step not legible)
No valid CCN found in buffer - allow transmission to server
Transaction denied - prevent transmission to server.
Transaction approved - allow transmission to server.

[Flowchart]
Look up certificate in system database
Add certificate to system database
YES: Obtain history of validation checks, transactions etc. from database and use policy business rules to determine if validity check required.
Perform on-line certificate validity check
Update database with results
Reject transmissions reliant on invalid certificate
Accept transmissions reliant on valid certificate
Legend: Data flow; Program control flow

Fig. 10

[Policy tree]
Policy
  DigitalCertificates
    AcceptanceConfidenceRating
      IdentityCertificates
        AlwaysAcceptFrom=[table a]
        [illegible]SinceLastReceivedThisCertificate[illegible]
      MonetaryCertificates
        AlwaysAcceptFrom=[table x]
        AlwaysCheckFrom=[table y]
        CheckIfAmountExceeds=10000
        IfRecentlyChecked
          DaysSinceLastChecked=30
          MaximumAmount=5000

[Flowchart]
Look up site in policy-based list of sites that use secure connections but are known not to be e-commerce sites
End

Fig. 13

[Policy tree]
Policy
  Transactions
    IfCreditCardNumberPresent=Yes
      PreviousPages=2
    IfOtherIndicatorPresent=Yes
      Keywords=[table t]
      PreviousPages=6
    IfConnectionGoesInsecure=Yes
    WhenSiteChanges=Yes
    IfDigitalReceiptReceived=Yes
    AfterNumberOfPages=20

[Tables accompanying the policy tree; row alignment not recoverable]
Sites (legible entries): www.passport.com; buy.supersaver.co.uk (other site entries illegible)
Table r - Account Codes
  Columns: Previous Pages To Record; Account Code
  Previous Pages To Record values: 2; 1; 0
  Account Code values: 21321234; ORCHOl; 58734; PETER304
Keywords: "receipt"; "thank you for your order"; "order confirmation"

Fig. 14

[Flowchart]
Examine data received or transmitted for indications that a transaction is occurring or has just occurred. See flowchart 'Identifying a transaction'
Examine policy settings appropriate to type of transaction, identity of sender, and amount of transaction
Retrieve earlier transmissions from local cache store
Store relevant transmissions together with transaction data, user identity and other related information in system database
Data store: System database
Legend: Data flow; Program control flow

Fig. 15

[Flowchart with two lanes: End-user process; Approver process]
End-user process:
  Identify appropriate approver based on end-user's identity and size and nature of proposed transaction
  Submit request for approval
  Approved?
    YES: Allow transaction to proceed
    Abandon transaction
Data store: System approvals queue
Approver process:
  Retrieve request and determine correct response (approval or rejection)
  Send response (approval or rejection)
Legend: Data flow; Program control flow

Fig. 16

[Policy tree]
Policy
  TransactionApproval
    MaximumUnapprovedTransactionAmount=500
    MaximumUnapprovedMonthlyAmount=2500
    ExcludedSites=[table e]
    Approvers=[table f]

Table f - Approvers
  Username    [column heading illegible]    Excluded Sites
  F Smith     $500                          www.dell.com
  R Jones     $1000                         www.dell.com; www.officemax.com
  F Healy     Unlimited                     none

[Policy tree]
Policy
  TransmittedDataSecurity
    RequiredEncryptionLevel
      Passwords=40
      CreditCardNumbers
        Company=128
        Personal=128
      SubmittedKeywords=40
      OtherSubmittedData=None

level of transmission